/**
 * Connect to o365 while leaving the user's Moodle login method as it is.
 *
 * Sets the connection-only flag on the session, then starts an OIDC
 * authorization-code request with '/local/o365/ucp.php' as the 'redirect'
 * state parameter.
 */
public function mode_connecttoken() {
    global $CFG, $SESSION;

    require_once $CFG->dirroot . '/auth/oidc/auth.php';

    $returnstate = ['redirect' => '/local/o365/ucp.php'];

    $flow = new \auth_oidc\loginflow\authcode();
    $flow->set_httpclient(new \auth_oidc\httpclient());

    // The flag is written to the session before the request is started, so it is
    // already in place when the authorization response is handled.
    // NOTE(review): the flag is never cleared here; presumably the response handler
    // resets it, otherwise an abandoned flow leaves it set for the rest of the
    // session. Confirm against the handler.
    $SESSION->auth_oidc_connectiononly = true;

    // NOTE(review): doauthrequest() also puts 'connectiononly' => true into the state
    // parameters for the same case; here only the session flag is set. Confirm which
    // of the two the response handler relies on.
    $flow->initiateauthrequest(false, $returnstate);
}
/**
 * Start an OIDC authorization request for the current user.
 *
 * A user who is already connected to o365 is sent to the o365 user control panel
 * instead. If a row in local_o365_connections matches the user, its aadupn is passed
 * as 'login_hint' and the first argument to initiateauthrequest() is set to true.
 *
 * @param bool $uselogin Whether to switch the user's Moodle login method to OpenID Connect
 *                       upon successful authorization.
 */
protected function doauthrequest($uselogin) {
    global $CFG, $SESSION, $DB, $USER;

    require_once $CFG->dirroot . '/auth/oidc/auth.php';

    // Nothing to authorize for a user who is already connected.
    if (\local_o365\utils::is_o365_connected($USER->id) === true) {
        redirect('/local/o365/ucp.php');
    }

    $state = ['redirect' => '/local/o365/ucp.php'];
    $extra = [];

    // A stored connection record means the Azure AD account is already known: hint it
    // to the identity provider and ask for a login prompt.
    // NOTE(review): the value of login_hint comes straight from the database row; it is
    // presumably encoded when the authorization URL is built. Verify in initiateauthrequest().
    $matched = $DB->get_record('local_o365_connections', ['muserid' => $USER->id]);
    $forceprompt = !empty($matched);
    if ($forceprompt) {
        $extra['login_hint'] = $matched->aadupn;
    }

    $flow = new \auth_oidc\loginflow\authcode();
    $flow->set_httpclient(new \auth_oidc\httpclient());

    // Anything other than a strict boolean true keeps the login method unchanged, so a
    // loosely typed caller value (1, 'true') falls on the connection-only side.
    $connectiononly = ($uselogin !== true);
    if ($connectiononly) {
        $SESSION->auth_oidc_connectiononly = true;
        $state['connectiononly'] = true;
    }

    $flow->initiateauthrequest($forceprompt, $state, $extra);
}
require_once __DIR__ . '/auth.php'; require_login(); require_capability('auth/oidc:manageconnection', \context_user::instance($USER->id), $USER->id); $action = optional_param('action', null, PARAM_TEXT); $oidctoken = $DB->get_record('auth_oidc_token', ['username' => $USER->username]); $oidcconnected = !empty($oidctoken) ? true : false; $oidcloginconnected = $USER->auth === 'oidc' ? true : false; if (!empty($action)) { if ($action === 'connectlogin' && $oidcloginconnected === false) { // Use authorization request login flow to connect existing users. if (!is_enabled_auth('oidc')) { throw new \moodle_exception('erroroidcnotenabled', 'auth_oidc'); } $auth = new \auth_oidc\loginflow\authcode(); $auth->set_httpclient(new \auth_oidc\httpclient()); $auth->initiateauthrequest(); } else { if ($action === 'disconnectlogin' && $oidcloginconnected === true) { if (is_enabled_auth('manual') === true) { $auth = new \auth_plugin_oidc(); $auth->set_httpclient(new \auth_oidc\httpclient()); $auth->disconnect(); } } else { throw new \moodle_exception('errorucpinvalidaction', 'auth_oidc'); } } } else { $PAGE->set_url('/auth/oidc/ucp.php'); $usercontext = \context_user::instance($USER->id); $PAGE->set_context(\context_system::instance());